PROCEDURES TO BE UTILIZED IN PROCUREMENTS INVOLVING FOREIGN ADP*.

Declassified in Part - Sanitized Copy Approved for Release 2013/09/11: CIA-RDP91-00280R000100130026-1 (,) Proceddres to be utilized in procurements involving Foreign ADP*. ASSUMPTIONS: 1) An Agency policy is in place which provides generally that foreign ADP constitutes a security threat to Agency operations and will not be procured unless it can be shown that the risk is reduced to an acceptable level in accordance with prevailing security factors and Agency procedures. 2) That the requiring office in coordination with the Office of Security and Office of Logistics and the ISHA pre- pare a security baseline** to be utilized in each procure- ment to evaluate security aspects of foreign ADP. 3) That there exists in each solicitation explicit language reflecting Agency policy and a questionaire which will provide for answers from vendors to be evaluated against the security baseline established in Paragraph 2. 4) No vendor will be precluded from submitting a pro- posal solely because he is expected to propose foreign ADP. PROCEDURES: 1) Requiring offices will indicate in their requisitions (2420 or 88) all known sources. 2) Proposals will be requested from all eligible sources. 3) All requests for proposals will state the Agency policy regarding foreign ADP and the evaluation process for foreign ADP against the baseline based on response to the RFP questionnaire. 4) Upon receipt of proposals, all vendor information relating to foreign ADP will be submitted to a team to assess foreign ADP. Likely candidates for this team would be repre- sentatives from the Offices of Security, Logistics, Data Pro- cessing and the ISHA. This team will receive no cost data. 5) The team would evaluate each of the information received against the relevant baseline factors on a pass/fail basis. A report would be prepared indicating the results of the evaluation. Any proposal considered unacceptable will contain an analysis as to specific deficiencies and corrective action required to bring the proposal to an acceptable level. The report prepared by the Team chairman will be given to the Contracting Authority (CA). (Declassified in Part - Sanitized Copy Approved for Release 2013/09/11: CIA-RDP91-00280R000100130026-1 - / Declassified in Part - Sanitized Copy Approved for Release 2013/09/11: CIA-RDP91-00280R000100130026-1 6) The CA will consider the team report along with all other reports and relevant information to establish the competitive range. Where in the view of the CA the proposal contains repairable deficiencies he may include the proposal within the competitive range, commence discussions and solicit revised proposals consistent with 7) Upon receipt of revised proposals the evaluation team will re-evaluate them on a pass/fail basis. If a negative determination results from application of the foreign source baseline then such decision will be endorsed by the Director of Security before submission to the CA. 8) The CA will either accept the determination from the Direction of Security and notify the affected vendor, or in a separate memorandum to the Director of Logistics, state the reason for not excluding the proposal. The Director of Logistics may refer the matter to the ACRB for advice. He shall then make a decision which shall be final for procurement purposes. *Definition of Foreign ADP - to be established along lines of FPMR 101:35-202 to include hardware, software maintenance and support services. **Being prepared by Task Force Declassified in Part - Sanitized Copy Approved for Release 2013/09/11: CIA-RDP91-00280R000100130026-1 STAT